Networking, Automation, Code

Networking, Automation, Code

Previous | Page: 1 of 1 | Next

Windows 11 Ransomware protection blocks the install of some PowerShell modules from being installed

| (Last Update : August 31, 2021)
development productivity windows11

While windows 11 is not yet released I came across a frustrating issue when I was attempting to install a PowerShell module in PS 7.1.4. If you have the Windows Security feature Ransomware protection enabled. This will block apps and services from making some changes to protected folders in OneDrive. In my environment I have OneDrive operating as my Documents folder. Within the Documents folder is where the $ENV:PSModulePath stores my modules (Documents\PowerShell\Modules). When I had PWSH install a new module it was attempting to write to this location which is now protected. When installing new modules I always launch a new PWSH window as an elevated session. Even with elevated privileges this was still blocked by the ransomware protection. When I thing about it, it should be protected from pwsh. The error was complaining about session not having Administrator rights. PS C:\Windows\System32> Install-Module Az -AllowClobber -Force Install-Package: C:\program files\powershell\7\Modules\PowerShellGet\PSModule.psm1:9711 Line | 9711 | … talledPackages = PackageManagement\Install-Package @PSBoundParameters | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Administrator rights are required to install or update. Log on to the computer | with an account that has Administrator rights, and then try again, or install by | adding "-Scope CurrentUser" to your command. You can also try running the Windows | PowerShell session with elevated rights (Run as Administrator). At the time I was doing this, I found the error puzzling. I didn’t yet notice the new popup from security alerting me of a app being blocked. When the ransomware protection kicks in a new notification popup will appear and ask for permission. To allow the new module to be installed, I needed to allow this action by accepting it in the protection history. After allowing it I can re-run the same Install-Module action to install the module. One thing to note about doing this. The pwsh.exe will be put listed in the “Allow an app though controlled folder access”. I plan to remove pwsh.exe from this trusted app list. Now that I know pwsh is blocked from adding new modules to the Modules folder, I can enable it when I update my modules.

Read more...

Find And Save Modules with PowerShell

| (Last Update : December 12, 2020)
Windows PowerShell

Today I wanted to discuss a couple of PowerShell tools I needed to utilize this week, Find-Module and Save-Module. These are powerful tools if you’re working with a restricted environment and don’t have direct access to PSGallery. Find-Module and Save-Module are helpful tools and can identify required modules and save them to a temporary location. These modules are built-in PowerShell method that allows you to call into PSGallery or a specific repository. In my case, I only need access to PSGallery and the system I’m working with has internet access. Let’s get started. Find-Module Starting with Find-Module, it can call into a repository like PSGallery to query modules that have a matching name. The names don’t need to be exact when using a wildcard with the name. ❯ Find-Module -Name *pest* Version Name Repository Description ------- ---- ---------- ----------- 5.1.0 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 0.3.1 PesterMatchArray PSGallery Array assertions for Pester 1.6.0 Format-Pester PSGallery Powershell module for documenting Pester s results. 0.0.4 PestWatch PSGallery Adds File watcher support to Pester 1.0.0 PSPesterTest PSGallery Provides pre-defined pester tests for PowerShell scripts and… 0.3.0 PesterMatchHashtable PSGallery Hashtable assertions for Pester 0.0.4 PesterInfrastructureTests PSGallery Small module that helps with quickly testing Active Director… 0.0.6 PesterHelpers PSGallery PesterHelpers contains helper functions to help users move a… 0.2.0 pspestertesthelpers PSGallery A collection of helper functions to use with Pester tests. Once the module is discovered, additional parameters can be used to identify more details of the module in question. -AllVersions will expose all the published versions of a module that are in the repository. ❯ Find-Module -Name Pester -AllVersions Version Name Repository Description ------- ---- ---------- ----------- 5.1.0 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 5.0.4 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 5.0.3 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 5.0.2 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 5.0.1 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 5.0.0 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 4.10.1 Pester PSGallery Pester provides a framework for running BDD style Tests to e… 4.10.0 Pester PSGallery Pester provides a framework for running BDD style Tests to e… From the full list, several details can be teased out from the list of available modules. In this case some of these modules are considered pre-release. Find-Module does offer a way to discover versions that the publisher has listed as prerelease. -AllowPrerelease will bubble up those versions from the list. ❯ Find-Module -Name Pester -AllowPrerelease Version Name Repository Description ------- ---- ---------- ----------- 5.1.0 Pester PSGallery Pester provides a framework for running BDD style Tests to e… In my case, I’m looking for a specific version that was required on my system. Using -RequiredVersion plus the version number will show the details of the module. In this example, the module details are listed when it’s piped to Format-List. ❯ Find-Module -Name pester -RequiredVersion 4.9.0 |Format-List Name : Pester Version : 4.9.0 Type : Module Description : Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the functionality of any command inside of a piece of PowerShell code being tested. Pester tests can execute any command or script that is accessible to a pester test file. This can include functions, Cmdlets, Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system. Author : Pester Team CompanyName : {dlwyatt, nohwnd} Copyright : Copyright (c) 2019 by Pester Team, licensed under Apache 2.0 License. PublishedDate : 9/8/2019 8:56:49 AM InstalledDate : UpdatedDate : LicenseUri : https://www.apache.org/licenses/LICENSE-2.0.html ProjectUri : https://github.com/Pester/Pester IconUri : https://raw.githubusercontent.com/pester/Pester/master/images/pester.PNG Tags : {powershell, unit_testing, bdd, tdd…} Includes : {DscResource, Workflow, Function, RoleCapability…} PowerShellGetFormatVersion : ReleaseNotes : https://github.com/pester/Pester/releases/tag/4.9.0 Dependencies : {} RepositorySourceLocation : https://www.powershellgallery.com/api/v2/ Repository : PSGallery PackageManagementProvider : NuGet Now that the Module has been discovered, how to download it for easy transfer to my system? Save-Module The Save-Module was created take module package and place it in a specific location so it can be transferred to its ultimate destination. Like Find-Module this method can narrowly download a specific version it that is needed. Is has similar parameters like MaximumVersion, MinimumVersion and RequiredVersion. One of the required parameters is the -Path. This will tell the method where to deposit the downloaded package. Both examples will accomplish the same job. Find-Module -Name pester -RequiredVersion 4.9.0 | Save-Module -Path C:\temp\foo Save-Module -Path c:\temp\foo -RequiredVersion 4.9.0 -Name pester Now that the package is downloaded, what to do with it? The c:\temp\foo\Pester can now be transferred as is to the system or systems that require the version. Directory: C:\temp\foo\Pester\4.9.0 Mode LastWriteTime Length Name ---- ------------- ------ ---- d---- 12/8/2020 11:18 PM bin d---- 12/8/2020 11:18 PM Dependencies d---- 12/8/2020 11:18 PM en-US d---- 12/8/2020 11:18 PM Functions d---- 12/8/2020 11:18 PM lib d---- 12/8/2020 11:18 PM Snippets -a--- 9/8/2019 8:19 AM 4475 junit_schema_4.xsd -a--- 12/11/2018 1:29 PM 611 LICENSE -a--- 5/1/2019 9:36 AM 5933 nunit_schema_2.5.xsd -a--- 9/8/2019 8:53 AM 15364 Pester.psd1 -a--- 9/8/2019 8:53 AM 79290 Pester.psm1 If the tool is needed as a system wide package, the module should be placed in the PSModulePath. $ENV:PSModulePath will show all the available path locations where modules are installed from. There are two different options where the package can be placed, ~\Documents\WindowsPowerShell\Modules or in c:\Program Files\WindowsPowerShell\Modules directories. The user Documents folder is typically reserved for user defined modules and if a module is needed for wider system access module are typically placed in the Program Files. There is a third option, c:\windows\System32\WindowsPowerShell\v1.0\Modules. This location is reserved for windows, it’s not advised to utilize this location. This post walked through a couple of helpful tools to discover some modules with Find-Module and save the Module using Save-Module. A few examples were provided to show various ways to use the PowerShell methods and where to place the package after it has been downloaded. Happy Power Shelling.

Read more...

Adding A Second VNIC To Windows

| (Last Update : December 01, 2020)
Productivity Windows PowerShell

This week I took the opportunity to finally setup my server and make it truly useful. This server is going to act as a jump box where I can connect from my management network to the lab and operate some virtual machines on. Long ago in this type of situation, it would require two different network cards where a physical link would be dedicated for each network. A better way to perform this same design is to use switch independent teaming and virtual NICs. When switch independent teaming is used it allows you to bond both interfaces, this gives you a redundant link, and additional bandwidth. In my case, I’m working with two 40G NICs and this will give me a combined links speed of 80G, who wouldn’t want to work with 80G of bandwidth! To setup this environment the switch that connects to the server needs to be configured in a way to take advantage of this setup. The switch setup is very simple, it only needs a native VLAN and a VLAN tag. In this example VLAN 5 would be my management network and VLAN 3000 is the lab. Interface Ethernet1/1 switchport switchport mode trunk switchport trunk native vlan 5 switchport trunk allowed vlan 5, 3000 VLAN 5 being a management network, it’s setup with DHCP. VLAN 3000 is the secondary network and it requires a static IP address. To configure windows, the following set of commands needs to be performed. The first thing we need is the network adapter names. This server has more than two network interfaces installed. To ensure I’m working with the correct interfaces I’ll need to gather the actual interface names. I happen to know the interfaces names contain the word “Slot”. $nicName = Get-NetAdapter | Where-Object {$_.Name -match "Slot"} $nicName.Name SLOT 3 2 SLOT 3 Next, setup windows Switch Independent teaming. The name of the team will be “LBFOTeam”, with a Load Balancing Algorithm of HyperVport. I’m planning to use VM’s on this host, HyperV Port is the best match. New-NetLbfoTeam -Name LBFOTeam –TeamMembers $nicName -TeamingMode SwitchIndependent -LoadBalancingAlgorithm HyperVPort -Confirm:$false At this point the team is setup and should come online within a few minutes. The next three steps will setup the virtual switch (VSwitch), attach a virtual network (VNIC) adapter to the VSwitch, and rename the VNIC. If you used the GUI this is where the GUI ends. The GUI does not allow you to add multiple VNIC’s, but PowerShell does. As I stated above, my management network is already setup with DHCP so once the Management adapter is added it will pick up an IP address. # Virutal Switch setup New-VMSwitch -Name HVSwitch –NetAdapterName "LBFOTeam" –MinimumBandwidthMode Weight –AllowManagementOS $false # Attach a virtual NIC. Add-VMNetworkAdapter –ManagementOS –Name Management –SwitchName HVSwitch # Rename the adapter. Get-NetAdapter -Name *Management* | Rename-NetAdapter -NewName Management Next, the secondary VNIC needs to be setup and connected to my lab network. To do this, some of the same steps need to be performed with one additional step, attaching the NIC to a VLAN id. # Add the additional VNIC Add-VMNetworkAdapter -ManagementOS -Name Lab -SwitchName HVSwitch # Rename it to a proper name Get-NetAdapter -Name *Lab* | Rename-NetAdapter -NewName "Lab" # Attach a VLAN ID to the VNIC Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName Lab -Access -VlanId 3000 At this point the VNIC is established and connected to the lab network with the VLAN id of 3000. When a host has two different networks attached, there is one rule. There can only be one default gateway. Keeping to this rule, when the static ip is configured, the gateway is not going to be configured. Static routes will be used to route beyond the subnet attached subnet. # Add a Static IP to the new VNIC New-NetIPAddress -InterfaceAlias Lab -IPAddress 192.168.1.10 -AddressFamily IPv4 -PrefixLength 24 # setup the static route to allow access to the lab network. New-NetRoute -DestinationPrefix 10.16.0.0/12 -InterfaceAlias Lab -AddressFamily IPv4 -NextHop 192.168.1.1 New-NetRoute -DestinationPrefix 192.168.1.0/24 -InterfaceAlias Lab -AddressFamily IPv4 -NextHop 192.168.1.1 All of these steps provided a brief walk though of setting up Switch Independent teaming, using a VSwitch and two VNIC’s that are attached to the management os on Windows Server. Enjoy!

Read more...

Improve Your VSCode Productivity

| (Last Update : September 06, 2020)
development ide productivity

If your a users of Microsoft’s Visual Studio Code (VSCode) then you may have noticed that there are a lot of useful extensions in it’s marketplace. As of September 2020, it had approximately 20,690 extensions. Thats a lot of extension to sift through. In this article I wanted to share 4 different extensions that will help improve your productivity with VSCode. These are pretty universal and will make your code a bit more readable. If you work with JSON, YAML, Python, PowerShell, C#, C++ or other. These extension will help your everyday experience better. Indent Rainbow is an extension that will color code tabs and spaces in the code your are viewing. For me, I find this extension particular useful with working with JSON and YAML files. The files I’m working with are large and complex and this visual aid can be useful to determine if edits are landing in the correct location. The extension can be configured for specific type of files, but I use it for all files. Bracket Pair Colorizer is similar to Indent Rainbow where color is used. It uses color to expose matching brackets in your code. Unlike Indent Rainbow where it will highlight the tabs and spaces in a file. This will add colors to the start and end of a set of braces. This can be handy when reviewing your code and identify if you have placed your braces in the correct location. This visual aid should help save you a few seconds when reviewing code. A second here and a second there save a lot of time in the long run. Better Comments is a comment enhancer where it exposes useful notes to the owner or teams maintaining the program. If you work independent or within a team this will help make your comment “better”. It has a syntax parser that looks for key characters or words in the code and will highlights them with specific colors. This will override the existing color scheme that is used for your comments and highlight these items with a different color. These items may not rise to the level where you need a bug or task for them and you want additional notes in your code. This is worth checking out. Todo Tree works with ToDo comments in the source code. If your using something like Better Comments to expose ToDo items in the comments of your code. This will identify all of the ToDo items and place them in a central location within VsCode. The extension will make it much easier to find all those ToDo’s your don’t want to track in a bug or task. Like almost all extension in VSCode these are all freeware and should work with any language your are using. These are my favorite extension that I utilize them on a daily bases. I hope they make your coding experience better too.

Read more...

Office Window Timelapse

August 11, 2020 | (Last Update : July 14, 2020)
yard timelaps

In July when the neowise comet approaching I decided to setup my GoPro with a timelapse setting. I didn't really think I would catch the comet in the timelapse but I thought this would be fun to setup and look at. This is a view of my office window during the week, as you can see not much happens except the clouds are moving across the sky.

Read more...
Previous | Page: 1 of 1 | Next